[Bug 286085] security/tailscale: Add telemetry opt-out to rc script

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 13 Apr 2025 23:58:48 UTC 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=286085

            Bug ID: 286085
           Summary: security/tailscale: Add telemetry opt-out to rc script
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ashish@FreeBSD.org
          Reporter: freebsd@cooltrainer.org
          Assignee: ashish@FreeBSD.org
             Flags: maintainer-feedback?(ashish@FreeBSD.org)

Created attachment 259532
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=259532&action=edit
Patch to add telemetry opt-out to Tailscale rc script

I use the Tailscale client software with my self-hosted Headscale control-plane
and was very disappointed recently when I realized I've been feeding Tailscale
(the company) detailed telemetry for everything I do on my supposedly-private
network despite having no business relationship with them.


See Tailscale KB1011 for reference:
https://tailscale.com/kb/1011/log-mesh-traffic


“Each Tailscale agent in your distributed network streams its logs to a central
log server (at log.tailscale.io). This includes real-time events for open and
close events for every inter-machine connection (TCP or UDP) on your network.”


This patch adds the ability to turn that off by adding a generic
${tailscaled_args} plus a specific ${tailscaled_telemetry_enable} which uses
the _args variable in the same way that the existing
${tailscaled_exitnode_enable} uses ${tailscaled_up_args}. The two _args
variables are not redundant, because the new one is the argument to starting
the service and the existing one is the argument to the running client's
instruction to create the TUN interface.


I defaulted to telemetry enabled, because Tailscale say that it must be enabled
for their customers to get technical support. Headscale users and
privacy-conscious Tailscale customers can choose to opt out.

-- 
You are receiving this mail because:
You are the assignee for the bug.